State Management

What is State management Why State management ViewState QueryString Cookies

State management In a window program the user interacts with the continuously running application A portion of memory on the desktop computer is allocated to store the current set of working information In Web application the story is different

A professional ASP.NET site might look like a continuously running application Web application uses a disconnected access pattern

Why State Management-Disconnected access pattern Client Web Server Connect & request a page Response & info abandoned Web servers discard the client information

Web Application handles of thousands of requests Web Server Client 1 Client 2 Client 3 Client 4 Client 5 Client 6

The clients can be connected to the web server only for a few seconds Web server needs to serve thousands of request To retain the working information the user needs to take special measure

Viewstate QueryString Cookies

Viewstate It allows the controls to retain their state Viewstate information is stored in the hidden field The hidden field holds the information in a crazy string format that is non-readable and it changes dynamically everytime the informations in the control is changed It is the first option for state management

ViewState Example :Counter Dim count As Integer If Me.ViewState("count") = Nothing Then count = 1 Else count = CType(Me.ViewState("count"), Integer) + 1 End If Me.ViewState("count") = count Label1.Text = count.ToString()

Transferring information One of the limitations of the viewstate is that it is tightly bound to a page Page navigation makes the data to get lost One common approach that we use is to pass information using the query string Used in search engines ganic

QueryString The querystring is a portion of the URL followed after the ? In the above example, it defines a single variable named ask which contains the string “organic” It is a useful technique in the database applications where you present a list of details that correspond to records in the db

QueryString The user can select an item and be forwarded to a detailed information page This page can receive the unique ID that identifies the record from the sending page and look up for information from the db Example Amazon site Response.redirect(“newpage.aspx?recordID=10”)

Querystring example

if (ListBox1.SelectedIndex == -1) { Label1.Text = "U must select a item"; } else { string qs = "Default.aspx?"; qs += "Item=" + ListBox1.SelectedItem.Text; Response.Redirect(qs); }

QueryString The new page can receive the values from the querystring with Request object Dim ID as String=Request.QuerySting(“recordID”)

QueryString limitation Information is limited to simple string; which contain legal URL characters Information is clearly visible to the user (eavesdrop) Less security over the Internet Browsers impose restriction on the length of the Querystring,hence a large string cannot be placed

Cookies Custom cookies provide another way that you can store information Cookies are small files that are stored on the hard drive Cookies work transparently (ie) without the user being aware that information are stored Long term storage

Drawbacks Suffer with the limitation of the string length Information's are easily readable by the user and less security

Using Cookies Use the namespace Using System.Net Both the Request and Response objects provide the cookie collection The cookies are retrieved from the Request object and cookies are set using the Response object To set a cookie just create System.Net.HttpCookie object

Creating cookies Set a value in it Add it to the cookies collection Cookie=new HttpCookie(Preferences”) Cookie(“LanguagePref”)=English Response.cookies.add(Cookie)

Setting the expiry time for cookies A cookie normally persists until the user closes the browser and will be sent with the request.To create a long lived cookie set the expiry date This cookie lives for 1 year Cookie.Expires =DateTime.Now.AddYears(1)

Check for the existence of cookies Private Sub Page_Load(sender as Object,e as EventArgs) { dim cookie As HttpCookie =Request.Cookies(“Preferences”) if cookie Is Nothing Then LabelWelcome.Text=”Unkown Customer” else LabelWelcomet.Text=”Cookie found” LabelWelcome.Text=”Cookie found,” & Cookie(“Name”) End If End Sub

Cookies storing and retrieving Private sub cmdstore_Click(sender as object,e as EventArgs) Dim cookie as HttpCookie=Request.Cookies(“Preferences”) If cookie is Nothing Then Cookie=new HttpCookie(“Preferences”) End If Cookie(“Name”)=TextName.Text Cookie.Expires=DateTime.AddYears(1) Response.Cookies.Add(Cookie) LabelWelcome.Text=”New customer” & Cookie(“Name”)

Session State Application need to access complex information such as Datasets which cannot be persisted by Querystring or cookies In these situations we use the ASP.NET built in facility Session state facility It is one of the premiere feature It allows you to store any type of data on the server

Session State The information is protected with a unique session. Every client who access the application is created with a unique session

Session tracking ASP.NET tracks each session using a 120 bit identifier. It uses a special algorithm to track the value No hackers can guess the session ID This ID is the piece of information transferred between the client and the server

Session Information I Session ID Session Information II Session ID User presents the Session-ID Matches the Session ID and Returns the Session information

Session State -Storing values in Session State Syntax Session(“Session variable”) =Datasource Example Session(“ds)=dsinfo

Session State -Retrieving values from Session Syntax Temporary variable =Ctype(Session(“Session Variable”),DataSet) Example ds=CType(Session(“ds”),DataSet)

How can Session State be lost If the user closes the browser If the session is timed out If the programmer ends the session in the program If the user access the same page through different browser

Example Restrict only the signed in users to enter the appropriate page

Session State configuration Session State is configured through Web.config file in the ASP.NET It allows to set most of the options such as Session State mode and timeout..

CookieLess You can set the cookieless setting to true or false  cookieless=”false”

Session State When set to true,the session ID will automatically be inserted into the URL ASP.NET on receiving the request it collects the session information

Timeout Another Session State settings in the web.config file is timeout It specifes the number of minutes that ASP.NET will wait,without receiving the Request,before it discards the session  timout=”20” 

Mode Off: this setting disables state management for every Page in the application StateServer:Separate windows service outside ASP.NET  Set manual setting to start on and off SqlServer:It stores the session information in the databases available in the SQL Server

Application State It stores global objects that can be used by any client A common example is the global counter that tracks how many times an operation has been performed by all clients

Global counter Protected Sub Page_Load(sender as Object,e as EventArgs) Application.Lock( ) Dim count as Integer =CType(Application(“Hit”,Integer)) Count+=1 Application(“Hit”)=count Application.Unlock( ) Label1.text=Count.ToString( ) End Sub